Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2023-39523 | Command Injection vulnerability in Nexb Scancode.Io ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. | 8.8 |
| 2023-08-07 | CVE-2023-38921 | Command Injection vulnerability in Netgear Wag302V2 Firmware and Wg302V2 Firmware Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgrade_handler function via the firmwareRestore and firmwareServerip parameters. | 8.8 |
| 2023-08-07 | CVE-2023-38928 | Command Injection vulnerability in Netgear R7100Lg Firmware 1.0.0.78 Netgear R7100LG 1.0.0.78 was discovered to contain a command injection vulnerability via the password parameter at usb_remote_invite.cgi. | 9.8 |
| 2023-08-04 | CVE-2023-38941 | Command Injection vulnerability in Ehco1996 Django-Sspanel 2022.2.2 django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post. | 9.8 |
| 2023-08-03 | CVE-2023-38942 | Command Injection vulnerability in Dango Dango-Translator 4.5.5 Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json. | 9.8 |
| 2023-08-03 | CVE-2023-37679 | Command Injection vulnerability in Nextgen Mirth Connect 4.3.0 A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server. | 9.8 |
| 2023-08-02 | CVE-2023-26317 | Command Injection vulnerability in MI Xiaomi Router Firmware Xiaomi routers have an external interface that can lead to command injection. | 9.8 |
| 2023-08-02 | CVE-2023-26430 | Command Injection vulnerability in Open-Xchange Appsuite Backend 7.10.6/8.10.0 Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. | 4.3 |
| 2023-08-01 | CVE-2023-3739 | Command Injection vulnerability in Google Chrome Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. | 6.3 |
| 2023-08-01 | CVE-2023-31429 | Command Injection vulnerability in Broadcom Fabric Operating System Brocade Fabric OS before Brocade Fabric OS 9.1.1c, 9.2.0 contains a vulnerability when using various commands such as “chassisdistribute”, “reboot”, “rasman”, errmoduleshow, errfilterset, hassiscfgperrthreshold, supportshowcfgdisable and supportshowcfgenable commands that can cause the content of shell interpreted variables to be printed in the terminal. | 5.5 |